|
Hello,
On Sat, 20 May 2000, Horms wrote:
> On Sat, May 20, 2000 at 12:27:01PM -0700, Clint Byrum wrote:
> > I've just been messing with 0.9.12(kernel 2.2.15), and the new FWmark
> > virtual service mode.
> > It works great, but I'd like to know of a way to have the destination port
> > remain unchanged.
> > What I mean is this.
> >
> > Virtualhost needs to serve several ports. The load balancer marks all
> > packets to it with
> > fwmark 1. There are then two real servers that do the actual serving.
> >
> >
> > ipchains -A input -d virtualhost -m 1
> > ipvsadm -A -f 1 -s rr
> > ipvsadm -a -f 1 -r real1 -m
> > ipvsadm -a -f 1 -r real2 -m
> >
> > Unfortunately, this causes packets to be delievered to the real servers with
> > destination
> > ports of 0. It would seem more logical to leave the destination port
> > unchanged, if it is
> > not specified.
>
> My testing indicates that when fwmark services are used the
> port (0 or otherwise) specified for the real server is ignored and
> the destination port is left unchanged. I will update the output
> and documentation of ipvsadm to reflect this more accurately.
For VS/NAT we use dport. For all other methods we don't
use dport. May be we have to stop inheriting dport from vport
in ipvsadm for fwmark services->destinations? For the normal services we
have vport!=0 and it can be inherited. Is that correct? May be
we can restrict it only for VS/NAT mode? All other methods can
use dport=0 when fwmark!=0.
Regards
--
Julian Anastasov <uli@xxxxxxxxxxxxxxxxxxxxxx>
|
